Comments

I know this is off topic but I didn’t know where else to ask this question. So apologies in advance. Do you have a full post RSS feed for this blog? I generally read your blog in a feed reader and all of your posts are truncated and I have to open them in a browser to read them. If you have full post RSS feed, I’d appreciate if you can point me to the link. Thanks.

The article on safely browsing the web is a bit lacking, technically. Probably the best answer is: “don’t.” The second best answer is to run a virtual machine on a compromised system someplace in China or Japan, accessed over a VPN (and you still have to worry about your endpoint not giving away too much) The kind of capabilities that Snowden has disclosed really moot pretty much all of computer security as we now know it. So, if you’re worried about the NSA spying on you, the best thing to do is join the NSA or FBI and dump as much data as you possibly can about what they are doing. Then you’ll be off the internet for good.

As Marcus suggests, if you are at a level of tech where the ProPublica article seems reasonable, then you have no chance you have lost have a nice day.

Beyond that the first thing you have to understand is that there are various tradeoffs of privacy vs. convenience and privacy vs. cost.

So you will have to define what you mean by privacy.

And first understand that “safe browsing” usually refers to not picking up malware, not necessarily having a private session.

So are you looking to make yourself:

Private from the NSA and other government agencies?
Private from hackers?
Private from your employer?
Private from nimrods sharing my wifi, cellular network or wired network as I travel?
Private from marketing agencies?

A lot of Snowden familiar experts are saying encryption still works against the NSA unless they have physical access to your machine, if you believe that there is a good chance that installing encryption anywhere can help keep your comms private. And that will keep the nimrods at the Starbucks at bay as well.

To make that more believable you also need to be careful about what extensions you install in your browser.

But using encryption won’t prevent sites and marketing pukes from tracking your web activities. For that you need to use various cookie blockers or cookie policies, and various extensions to block trackers.

I am relatively comfortable for my own needs with using firefox and telling it to accept all cookies for a session and delete all cookies when exiting the browser. This does mean that from use to use I have to relogin again to everything including using 2 party authentication on many sites so it is not as convenient as many people would like.

I also insist firefox never remember any passwords and keep all my passwords in a 3rd party password app.

There are times I use TOR and/or use VPNs in part to hide IP addresses.

You can look into the use of VPNs including how to make your phone use a VPN by googling.

+ use the Internet anonymously and circumvent censorship;
+ all connections to the Internet are forced to go through the Tor network;
+ leave no trace on the computer you are using unless you ask it explicitly;
+ use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

But even that is a crapshoot as holes are found and bugs are found.

It’s an evolving target and you’re constantly chasing perfection and hoping what you are doing has even a reasonable chance.

Honestly Mano, I think a good talk for you at what I perceive your level of expertise is, would be to sit down and go through your needs with an expert, and then write up in a talk what your needs were and how you chose to address them. I think there are a lot of people who would benefit from that.

The NSA revelations are pretty scary. The Internet is pretty broken at the moment and will be until our President puts his foot down and makes restoring Internet security a priority.